As it is well known, in order to be able to access encrypted data and visualise a Pay-TV event, such as a film, a sports event or a game in particular, several streams are broadcast to a set of multimedia units comprising a decoder and a security module. In particular, these streams are on one hand the file of the event in the form of an encrypted data stream and on the other hand, a stream of control messages ECM allowing the data stream to be decrypted. The content of the data stream is encrypted by “control words” (Control words=CW) that are regularly renewed. The second stream is called ECM (Entitlement Control Message) and can be formed in particular in two different ways. According to a first method, the control words are encrypted by a key, called transmission key TK, which generally pertains to the transmission system between the management centre and a security module associated with the receiver/decoder. The control word CW is obtained by decrypting the control messages ECM by means of the transmission key TK.
According to a second method, the ECM stream does not directly contain the encrypted control words, but rather contains information allowing the determination of the control words. This determination of the control words can be carried out by different operations, in particular by a decryption, this decryption can lead directly to the control word, but can also lead to data which contains the control word, which must then be extracted from the data. In particular, the data can contain the control word as well as a value associated to the content to be broadcast, and in particular the access conditions to this content. Another operation allowing the determination of the control word can use, for example, a one-way hashing function of this data in particular.
In the majority of the present systems, the data stream is received in encrypted form by the decoder. This also receives the stream of control messages ECM. It transmits these messages ECM to the security module that decrypts them in order to extract the control words CW. These control words are transmitted to the decoder, for example in the encrypted form by means of a key common to the security module and to the decoder. The decoder contains a descrambling module (Descrambler) responsible for the decryption of the data stream with the aid of the control words.
During the decryption of a control message ECM, it is also verified, in the security module, that the right to access the content in question is present.
This right can be managed by authorisation messages EMM (Entitlement Management Message) that load this right into the security module.
The encryption key of the control messages is itself transmitted in authorisation messages EMM, in order to allow access to the control words.
At present, a large number of the security modules used in access systems to conditional access data and in particular in the systems related to Pay-TV are smart cards. Generally, the used smart cards fulfil the ISO 7816 standard. As it is well known, the cards conforming to this standard comprise eight contacts accessible from the exterior by means of elements which form an electric junction with the contacts of the card when the latter is inserted into a reader. Six of the eight contacts have a function well defined in the ISO 7816 standard mentioned above. In particular, a contact Vcc is responsible for providing the power supply of the card's chip, a contact GND provides the grounding of this chip, a contact RST allows resetting, a contact Vpp provides the supply of the chip in programming voltage, a contact CLK allows the input of a clock signal and a contact I/O allows the input/output of the data.
These cards are particularly adapted to a Pay-TV system since they allow the security required for this type of application to be provided. However, they suffer from a defect. They do not allow significant data processing speeds. Thus, when such cards are used to decrypt control messages ECM in order to extract the control words, their processing capacity is sufficient. However, such cards are not capable of decrypting streams as large as data streams.
At present there are cards capable of supporting two different operating modes, in particular one mode responding to the ISO 7816 standard and another mode using the USB protocol. This USB protocol allows sufficiently fast rates to be applied to the data decryption on-the-fly.
In the smart cards conforming to the ISO 7816 standard, two contacts of the eight existing are not reserved for a precise function, but can be used according to the requirements of the application. According to the USB standard, the data is transmitted by two wires, D+ and D−, two other wires being provided to ensure the power supply. Certain existing smart cards thus use the two free contacts of an ISO 7816 card to ensure the transfer of the data according to the USB standard.
For a conventional application, in the ISO 7816 smart cards, the used clock frequency is generally lower than 5 MHz. The clock signal is generated in an external device, then transmitted to the card by means of the contact CLK of the chip.
In a system using the USB protocol for audio/video stream processing, the clock frequency must not only be very accurate, but it must be relatively high. Generally, the clock frequency in USB mode is 30 MHz and the data transfer frequencies are 1.5 Mb/s (low speed) or 12 Mb/s (full speed) according to the USB 1 standard, and 480 Mb/s (high speed) according to the USB 2.0 standard. A high frequency and high precision impose the presence of an oscillator such as a quartz oscillator, which is integrated into the USB module itself. When the USB module takes the form of a smart card, constraints with respect to volume must particularly be respected. This makes the manufacturing of the card relatively complex and expensive.
Moreover, in a system capable of operating in ISO 7816 mode and in USB mode, it is necessary to manage very different frequencies in the most flexible possible way.
The document EP 1 457 922 describes a smart card that works in ISO 7816 mode and in USB mode, which is capable of switching automatically into the required mode. This automatic switching is carried out by means of the detection of a voltage on the contact D+ or D− of the chip. If a voltage is present on one of these contacts, it is considered that the smart card operates in USB mode. If no voltage is present on one of these contacts, the card operates in ISO 7816 mode.
This detection mode implies that it is first necessary to generate a voltage or to suppress the voltage on the contacts D+ and D− in USB mode in order to indicate to the card that there is a mode change. The required data can only be transmitted when the mode change has been taken into account. Such a constraint implies that this embodiment is not adapted to an application in which the mode changes frequently, in particular when there are frequent changes from ISO 7816 mode for the processing of control messages ECM to USB mode for the processing of the audio/video stream. According to a particular embodiment of this invention, the detection of the USB mode is carried out by imposing a logical 1 on the contact CLK. It is clear that in this case, the contact is no longer available.
The present invention proposes to solve the problems of the devices in the prior art by producing a security module capable of processing both the data according to the ISO 7816 standard as well as according to USB protocol. This security module is furthermore capable of switching automatically from one mode to the other, in a frequent and fast way.
Furthermore, this device removes the constraints related to the integration of an oscillator in a smart card. It is thus possible to produce a relatively cheap card while providing great flexibility of use.